package org.crazyit.test.util;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;

public class TokenAuthenticationUtil {
	
	static final long EXPIRATIONTIME = 432_000_000;     // 5天
	static final String SECRET = "P@ssw02d";            // JWT密码
	static final String TOKEN_PREFIX = "Bearer";        // Token前缀
	static final String HEADER_STRING = "Authorization";// 存放Token的Header Key

	public static String getAuthentication(String token) {

		if (token != null) {
            // 解析 Token
            Claims claims = Jwts.parser()
                    // 验签
					.setSigningKey(SECRET)
                    // 去掉 Bearer
					.parseClaimsJws(token.replace(TOKEN_PREFIX, ""))
					.getBody();

            // 拿用户名
            String user = claims.getSubject();

            // 得到 权限（角色）
            String authentications = (String) claims.get("authorities");

            return authentications;
		}
		return null;
	}

}
